A deep dive on how teams under high utilization are negatively impacted and how to spot this pattern in your own teams
Application Security Engineer @Shopify.
What is gatekeeping and when can it lead to a positive outcome?
How a memory leak within one of our middlewares exposed user sessions across requests.
A tale of software development and hidden complexity
Where we end up using matrices and exponentiation by squaring to model a linear recurrence.
Let's investigate MACs built using block ciphers by learning about the ECBC algorithm.
Reasoning about investment planning as a manager
Is implementing SAST in your organization as simple as it looks?
How to implement productive pair programming sessions?
What is a Message Authentication Code and what is it used for?
In this post we will investigate how multiple ciphertexts encrypted with a fixed nonce in CTR mode can be attacked.
In this post we will investigate how encrypting and decrypting in CTR mode works.
In this post we will investigate how this seemingly innocuous idea of using our key as the IV can be exploited to leak the key under certain conditions.
Let's explore this modern static analysis tool and how it allows us to identify patterns in our code for linting or security purposes.
Exploiting CBC Padding Oracle
Let's understand and implement the CBC bit-flipping attack.
Let's exploit ECB yet again, this time through the cut and paste attack.
How do we figure out the block size of a message encrypted with ECB?
Decrypting ECB a byte at a time
Given that we are using repeating-key XOR, how do we figure out the length of an unknown key?
Implementing and breaking the repeating-key XOR algorithm
As a manager, what should we pay attention to when we have a successful team that is expanding rapidly?
What I consider a good technical mentorship?
Thoughts on content curation as a way to mitigate content overload.
A take on different leadership styles and what I consider a healthy balance.
Learning and mentoring through our new digital context.